package com.cjb.common.util;


import com.cjb.common.exception.ServerException;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;


/**
 * 加解密工具类
 *
 * @author 李淼 Milo 505754686@qq.com
 */
public class EncryptUtils {

    //加密用的Key 可以用字母和数字组成 此处使用AES-128-ECB加密模式，key需要为16位。
    private static final String ENCRYPT_KEY = "makulowcodeyyds1";

    //参数分别代表 算法名称/加密模式/数据填充方式
    private static final String ALGORITHM_STR = "AES/ECB/PKCS5Padding";

    /**
     * 加密
     * @param content 加密的明文
     * @return 加密后的密文
     */
    public static String encrypt(String content) throws Exception {
        KeyGenerator kgen = KeyGenerator.getInstance("AES");
        kgen.init(128);
        Cipher cipher = Cipher.getInstance(ALGORITHM_STR);
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(ENCRYPT_KEY.getBytes(), "AES"));
        byte[] b = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8));
        // 采用base64算法进行转码,避免出现中文乱码
        return Base64.getEncoder().encodeToString(b);
    }

    /**
     * 解密
     * @param encryptStr 解密的密文
     * @return 解密后的明文
     */
    public static String decrypt(String encryptStr) throws Exception {
        KeyGenerator kgen = KeyGenerator.getInstance("AES");
        kgen.init(128);
        Cipher cipher = Cipher.getInstance(ALGORITHM_STR);
        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(ENCRYPT_KEY.getBytes(), "AES"));
        // 采用base64算法进行转码,避免出现中文乱码
        byte[] encryptBytes = Base64.getDecoder().decode(encryptStr);
        byte[] decryptBytes = cipher.doFinal(encryptBytes);
        return new String(decryptBytes);
    }

    /*************************************非对称加密***************************************************/

    /*证书解析*/
    public static byte[] encryptPem(String certificatePem,String privateKeyPem,String originalData){
        try {
            DigitalCertificate digitalCert = new DigitalCertificate(certificatePem, privateKeyPem);
            // 从证书中提取公钥
            PublicKey publicKey = digitalCert.getCertificate().getPublicKey();

            // 使用私钥进行解密
            PrivateKey privateKey = digitalCert.getPrivateKey();


            System.out.println("打印公钥"+publicKey);
            System.out.println("打印私钥"+privateKey);

            // 加密过程
            Cipher ecEncryptCipher = Cipher.getInstance("ECIES"); // 或者其他的ECC加密算法名
            ecEncryptCipher.init(Cipher.ENCRYPT_MODE, publicKey);
            return ecEncryptCipher.doFinal(originalData.getBytes());
        } catch (Exception e) {
            throw new ServerException("证书解析失败");
        }
    }
    /*数字解密*/
    public static String  DecryptPem(String certificatePem,String privateKeyPem,byte[] encryptedBytes){
        try {
            DigitalCertificate digitalCert = new DigitalCertificate(certificatePem, privateKeyPem);
            // 从证书中提取公钥
            PublicKey publicKey = digitalCert.getCertificate().getPublicKey();

            // 使用私钥进行解密
            PrivateKey privateKey = digitalCert.getPrivateKey();


            System.out.println("打印公钥"+publicKey);
            System.out.println("打印私钥"+privateKey);

            // 解密过程
            // 对于ECC解密
            Cipher ecDecryptCipher = Cipher.getInstance("ECIES"); // 同样的，确保支持ECDH或者ECIES解密
            ecDecryptCipher.init(Cipher.DECRYPT_MODE, privateKey);
            byte[] decryptedBytes = ecDecryptCipher.doFinal(encryptedBytes);

            // 转换回字符串并打印
            return new String(decryptedBytes);
        } catch (Exception e) {
            throw new ServerException("证书解析失败");
        }
    }
}
